PT-2018-5318 · Mozilla+2 · Firefox Os+2

Publicado

2018-03-30

Atualizado

2018-04-25

CVE-2017-11087

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description The issue is related to the libOmxVenc component, which copies the output buffer to an application with the filled length, larger than the output buffer's actual size. This leads to an information disclosure problem within the context of mediaserver.

Recommendations For Android for MSM, update to a version that addresses the information disclosure issue in libOmxVenc. For Firefox OS for MSM, update to a version that addresses the information disclosure issue in libOmxVenc. For QRD Android, update to a version that addresses the information disclosure issue in libOmxVenc.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2017-11087

Produtos afetados

Android

Firefox Os

Qrd Android

PT-2018-5318 · Mozilla+2 · Firefox Os+2

CVE-2017-11087

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3